System and method of authenticating a digitally captured image

ABSTRACT

A system and method of authenticating a digital still image captured using a digital image capture device. To process the digital still image for later authentication, a signature data is transmitted from a remote location to the digital image capture device. Upon capturing the digital still image, an image identification is associated with the digital still image. The signature data is then applied to the captured digital still image to produce an authentication signature representative of the captured digital still image. The authentication signature is associated with the image identification and transmitted from the digital still image to the remote location for storage at the remote location. To verify the authenticity of the digital still image, the digital still image is transmitted to the remote location. The signature data for the transmitted digital still image is accessed and applied to the transmitted digital still image to produce a verification signature. The authentication signature and the verification signature are compared to determine the authentication of the transmitted digital still image. In an alternate embodiment, the signature data and image identification are sent to the image capture device to generate the verification signature, which is transmitted to the remote location for comparison with the authentication signature.

FIELD OF THE INVENTION

[0001] The present invention relates generally to a method of processingand authenticating a digitally captured image.

BACKGROUND OF THE INVENTION

[0002] The use of images for recording events is well known. Images canbe captured using image capture devices such as a film camera, videodigital camera, or a digital camera which captures digital images.Journalists use digital cameras such as the Kodak DCS 315 to captureimages of newsworthy events. Digital cameras such as the Kodak DCS 330are used to capture images at construction sites or other places where avisual record of the event is needed. Typically, a user of a digitalcamera captures a plurality of digital images which are stored on aremovable memory card. These digital images may be transferred from thememory card and stored, for example, on a hard drive of a computer,recordable compact disc (CD), or other non-volatile memory associatedwith the user's computer. While digital images captured using a digitalcameras are convenient to capture and transfer, the digital image arealso relatively easy to modify, and the modifications can be difficultto detect. Accordingly, the authenticity of the digital image may be atissue.

[0003] Several approaches have been taken to insure the authenticity ofa digital image. One approach is to connect a digital camera to a secureimage storage facility over a secure link. Using this approach, theveracity of the digital image captured using the digital camera isdependent on the security of the link and the storage facility. Whilethis approach may be suitable for its intended purpose, this approachmandates maintenance of a large image database and secure links to it.For example, WO 00/01138 (Steinberg) discloses an “escrow” securitytransmission wherein images “first data” are sent to a first locationand other information “second data” is sent to a second location.

[0004] Methods of encoding data within a digital image are known tothose skilled in the art. The encoded data can be used in an attempt toprovide a “stamp of authenticity” for an image. However, if a portion ofthe image is modified, the encoded data may still remain intact, and thetampering will not be recognized. For example, U.S. Pat. No. 5,862,218(Steinberg) discloses a camera using indicium received from a hostcomputer to mark an image in a nondestructive manner to form a modifiedimage data and add the indicium to an image header.

[0005] Encryption might be employed to verify the authenticity of adigital image. If an image is encrypted by the digital camera, it can bedecrypted at a later time only by those with the proper decryption“key”. However, the utility of the image is lost for all those who donot have the decryption key. For example, U.S. Pat. No. 5,862,217(Steinberg) discloses a digital camera providing encryption of an imageduring the acquisition process to attempt to avoid the existence ofunencrypted image data.

[0006] Accordingly, while these methods may have achieved certaindegrees of success for their particular application, a need continues toexist for a method for verifying the authenticity of a digital imagewhich overcomes the problems of the existing methods. In particular, aneed continues to exist for a method for verifying the authenticity of adigital image without reducing the utility of the digital image. Thatis, the method should allow use of the digital image by numerous users,of which only a portion may have a need to authenticate the image.

SUMMARY OF THE INVENTION

[0007] An object of the present invention is to provide a system andmethod of determining the authenticity of a digitally captured image.

[0008] Another object of the invention is to provide such a system andmethod which does not reduce the utility of the image.

[0009] A further object of the invention is to provide such a system andmethod which maintains flexibility and portability of the image capturedevice used to capture the image.

[0010] Still another object of the invention is to provide such a systemand method which does not mandate maintenance of a large image database.

[0011] These objects are given only by way of illustrative example.Thus, other desirable objectives and advantages inherently achieved bythe disclosed invention may occur or become apparent to those skilled inthe art. The invention is defined by the appended claims.

[0012] According to one aspect of the invention, there is provided amethod of processing for later authentication a digital still imagecaptured using a digital image capture device. The method comprises thesteps of transmitting signature data from a remote location to thedigital image capture device; associating an image identification withthe digital still image; applying the signature data to the captureddigital still image to produce an authentication signaturerepresentative of the captured digital still image; associating theauthentication signature with the image identification; transmitting theauthentication signature to the remote location; and storing thesignature data, authentication signature, and image identification atthe remote location.

[0013] According to another aspect of the invention, there is provided asystem for processing for later authentication a digital still image.The system includes a digital image capture device including an imageprocessor, a remote location remote from the digital image capturedevice, and communication means. The digital image capture devicecaptures the digital still image. The remote location comprises adatabase for storing signature data, an authentication signature, and animage identification. The image identification is associated with thedigital still image captured by the digital image capture device, andthe authentication signature is associated with the imageidentification. The communication means transmits the signature datafrom the remote location to the digital image capture device, andtransmits the authentication signature for the digital still image tothe remote location. The image processor applies the signature data tothe captured digital still image to produce the authenticationsignature, with the authentication signature being representative of thecaptured digital still image.

[0014] According to a further aspect of the invention, there is provideda method of authenticating a digital still image captured using adigital image capture device. To process the image for laterauthentication, signature data is transmitted from a remote location tothe digital image capture device. Upon capturing the digital stillimage, an image identification is associated with the digital stillimage. The signature data is then applied to the captured digital stillimage to produce an authentication signature representative of thecaptured digital still image. The authentication signature is associatedwith the image identification and transmitted from the digital stillimage to the remote location for storage at the remote location. Tolater authenticate the digital still image, the digital still image istransmitted to the remote location. The signature data for thetransmitted digital still image is accessed and applied to thetransmitted digital still image to produce a verification signature. Theauthentication signature and the verification signature are compared todetermine the authentication of the transmitted digital still image.

[0015] According to a still further aspect of the invention, there isprovided a system for authenticating a digital still image capturedusing a digital image capture device and processed using signature dataprovided to the digital image capture device to produce anauthentication signature representative of the digital still image. Thesystem comprises a remote location remote from the digital image capturedevice, communication means for transmitting the digital still image tothe remote location for authentication, and a processor located at theremote location. The remote location comprises a database for storingthe signature data and authentication signature. The processor appliesthe signature data to the transmitted digital still image to produce averification signature and compares the authentication signature withthe verification signature to determine the authentication of thedigital still image.

[0016] According to yet another aspect of the present invention, thereis provided a method of authenticating a digital still image capturedusing a digital image capture device. To process the image for laterauthentication, signature data is transmitted from a remote location tothe digital image capture device. Upon capturing the digital stillimage, an image identification is associated with the digital stillimage. The signature data is then applied to the captured digital stillimage to produce an authentication signature representative of thecaptured digital still image. The authentication signature is associatedwith the image identification and transmitted from the digital imagecapture device to the remote location for storage at the remotelocation. To later authenticate the digital still image, the signaturedata corresponding to the image identification for the image in questionis transmitted to the image capture device upon which the image to beauthenticated resides (or alternatively, to a computer on which theimage to be authenticated resides). The signature data for the digitalstill image is applied at the image capture device to the digital stillimage to produce a verification signature. The verification signature istransmitted to the remote location. At the remote location, theauthentication signature and the verification signature are compared todetermine the authentication of the digital still image.

[0017] The present invention provides a system and method fordetermining the authenticity of a digitally captured image wherein aremote database comprises signature information, and the storedsignature information is accessed to authenticate the image.

BRIEF DESCRIPTION OF THE DRAWINGS

[0018] The foregoing and other objects, features, and advantages of theinvention will be apparent from the following more particulardescription of the preferred embodiments of the invention, asillustrated in the accompanying drawings.

[0019]FIG. 1 generally illustrates a system in accordance with thepresent invention for processing a digital still image for laterauthentication.

[0020]FIG. 2 shows a block diagram of an image capture device suitablefor use with the present invention.

[0021]FIG. 3 shows a flow diagram of a method in accordance with thepresent invention for processing a digital still image for laterauthentication.

[0022]FIG. 4 generally illustrates a system in accordance with thepresent invention suitable for authenticating a digital still imageprocessed in accordance with the method illustrated in FIG. 3.

[0023]FIG. 5 shows a flow diagram of a method in accordance with thepresent invention for authenticating a digital still image processed inaccordance with the method illustrated in FIG. 3.

[0024]FIG. 6 shows a flow diagram of a method in accordance with thepresent invention for authenticating a digital still image using animage capture device.

DETAILED DESCRIPTION OF THE INVENTION

[0025] The following is a detailed description of the preferredembodiments of the invention, reference being made to the drawings inwhich the same reference numerals identify the same elements ofstructure in each of the several figures.

[0026] The present invention relates generally the processing andauthenticating of a digitally captured image while providing flexibilityand portability of the image capture device used to capture the image.More particularly, the present invention provides a system and method ofverifying the authenticity of a digital image on the basis of anauthentication signature stored at a secure remote location. The digitalimage is not encrypted nor stored at the remote location. As such, theutility of the digital image is not reduced. Rather, the authenticationsignature is accessed each time the authenticity of the digital image isat issue. If the digital image maintains the same signature, the digitalimage is considered to be authentic.

[0027]FIG. 1 generally illustrates a system 5 in accordance with thepresent invention for processing a digital still image for laterauthentication. System 5 includes an image capture device 10 forcapturing the digital image capture device, and communication channel 7for communicating with a remote location 9.

[0028] While those skilled in the art will recognize image capturedevices suitable for use with system 5, FIG. 2 shows a block diagram ofa typical image capture device 10 suitable for use with system 5. Imagecapture device is preferably a digital camera adapted to capture imagesin electronic form. Image capture device 10 captures digital imageswhich are stored on a removable memory card 12. Removable memory cards12 are known to those skilled in the art. For example, removable memorycard 12 can include memory cards adapted to the PCMCIA card interfacestandard and the CompactFlash Specification Version 1.3, published bythe CompactFlash Association, Palo Alto, Calif., Aug. 5, 1998. Othertypes of digital memory devices, such as magnetic hard drives, magnetictape, or optical disks, could alternatively be used to store the digitalimages.

[0029] Image capture device 10 may include a zoom lens 14 having a zoomand focus motor 16 and an adjustable aperture and shutter (not shown).When an image is being captured using image capture device 10, zoom lens14 focuses light from a scene being captured (not shown) onto an imagesensor 18. Image sensor 18 may be, for example, a single-chip colorcharged couple device (CCD) image sensor, and may employ the well knownBayer color filter pattern. Image sensor 18 is controlled by a clockdriver(s) 20. Zoom and focus motors 16 and clock driver 20 arecontrolled by control signals supplied by a control processor and timinggenerator 22. Control processor and timing generator 22 receives inputsfrom an autofocus and autoexposure detector 24 and controls a flash 26.An analog output signal from the image sensor 18 is amplified andconverted to digital data by an analog signal processing (ASP) andanalog-to-digital (A/D) converter 28. Digital data received fromconverter 28 is stored in a DRAM buffer memory 30 and subsequentlyprocessed by an image processor 32. Image processor 32 is controlled byfirmware stored in a firmware memory 34, which can be, for example,flash EPROM memory.

[0030] Image processor 32 will process the image captured in accordancewith instructions stored in firmware memory 34. Image processor 34performs color interpolation followed by color and tone correction, inorder to produce rendered sRGB image data. The rendered sRGB image datacan then be compressed, for example using the well known JPEG format.Using memory card interface 36, the compressed image data is then storedas an image file on removable memory card 12. Image processor 32preferably creates a “thumbnail” size image that is stored in RAM memory38 and supplied to a color LCD image display 40, which displays thecaptured image for the user to review. This low-resolution “thumbnail”size image, can be created as described in commonly assigned U.S. Pat.No. 5,164,831 (Kuchta, et. al.), the disclosure of which is hereinincorporated by reference. The thumbnail image preferably has 160×120pixels, and is stored within the Exif version 2.1 image file along withthe compressed full resolution image.

[0031] Image capture device 10 is controlled by user controls 42, suchas a series of user buttons including a shutter release (e.g., capturebutton) (not shown) which initiates an image capturing operation. Agraphical user interface displayed on the color LCD image display 40 iscontrolled by a user interface portion of firmware stored in firmwarememory 34.

[0032] The image captured by image capture device 10 can be transferredto a personal computer by removing removable memory card 12 from imagecapture device 10 and inserting removable memory card 12 in a cardreader (not shown) in a computer 44, such as a home personal computer.Alternatively, an interface cable 46 can be used to connect between ahost interface 48 in image capture device 10 and a CPU motherboard (notshown) in computer 44. Interface cable 46 can conform to, for example,the well known universal serial bus (USB) interface specification.

[0033] In a preferred embodiment, image capture device 10 comprises acellular processor 50 adapted to initiate a cellular phone call by meansof a cellular modem 52.

[0034] Referring again to FIG. 1, image capture device 10 is incommunication with remote location 9, remote from image capture device10, by means of communication channel 7. Remote location 9 includessoftware and/or a database or other known means for storing information.Remote location 9 can be operated, for example, by a retailer,photofinisher, computer service provider, security agency, insuranceagency or other service provider.

[0035] Referring now to FIG. 3, to process a digital still image forlater authentication, remote location 9 transmits signature data SD toimage capture device 10 via communication channel 7 (step 100). Theimage is captured using image capture device 10 (step 105). Imageprocessor 32 of image capture device 10 applies signature data SD to thecaptured image to process the image and produce an authenticationsignature AS representative of the captured image (step 110).

[0036] Signature data SD can be transmitted to image capture device 10prior to the capture of the image. Alternatively, signature data SD canbe transmitted subsequent to the capture of the image by image capturedevice 10.

[0037] Signature data SD comprises information for processing thecaptured image so as to produce authentication signature AS. Forexample, signature data SD might be a hashing algorithm, such as theSHA-1 algorithm as specified in FIPS PUB 180-1, which hashes any givensize data to only 20 bytes. Hashing algorithms are well known algorithmswherein each pixel value in the image is acted upon by a particularfunction to determine a number that is representative of the image. Thefunction is sensitive to any change in the image. Accordingly, if anypixel of the image is changed/modified, the output of the hashingalgorithm will differ from the original. This hashing algorithm may beperformed before or after compression of the captured image, and beforeor after other image manipulations. The sequence of operation isdetermined by file size and acceptable image quality losses. It may bethat a large file without compression losses is preferred inapplications where authenticity of the captured image is critical.

[0038] Other signature data SD may be known to those skilled in the art,for example, a lookup table or checksum data. Alternatively, signaturedata SD may be an algorithm that processes a string ofnumbers/characters, which in the instant application is the image data,to provide a unique or substantially unique numerical value.Additionally, signature data SD may be a set of variable input to analgorithm disposed in the image capture device that causes the algorithmto generate a unique or substantially unique numerical value based onthe variable input and the image data.

[0039] Preferably, remote location 9 employs a plurality of signaturedata SD so as to maintain anonymity and reduce counterfeiting, andconsequently maintain the security, of the authentication signatureproduced. A random generator may be used to determine which signaturedata to employ.

[0040] Once authentication signature AS is produced, an imageidentification ID is associated with the captured image andauthentication signature AS. Image identification ID can be generated byimage capture device 10, or alternatively, by remote location 7. Thegeneration of image identification ID can be conducted prior orsubsequent to the capture of the image. Image identification ID cancomprise numerical, alphabetical, textual, iconic, and/or graphicalinformation. For example, image identification ID could include theserial number of image capture device 10 concatenated with the date andtime the image was captured, thereby producing a unique imageidentification ID. Image identification ID must be stored with thecaptured image for authentication purposes.

[0041] Authentication signature AS may also comprise a series of values.If the digital still image is divided/configured into segments, such asrectangular areas, signature data SD can be applied to each of thesegments individually to yield a value. These individual values createan authentication signature for each of the segments (i.e., a segmentauthentication signature). The authentication signature for each of thesegments can be stored at the remote location. As such, authenticationsignature AS can comprise this series of values. In this manner,portions of cropped/zoomed digital still images may be verified.Alternatively, signature data SD is applied to portions of the digitalstill image. That is, while the digital still image is configured into aplurality of segments, signature data SD is not applied to all thesegments but is applied to at least one of the plurality of segments toproduce at least one segment authentication signature.

[0042] Authentication signature AS is transmitted to remote location 9(step 115) by means of communication channel 7. Signature data SD,authentication signature AS, and image identification ID are then storedat remote location 9 (step 120) for later authentication of the digitalstill image. A message may be optionally transmitted by remote location9 indicative of the receipt/storage of authentication signature (step125).

[0043] It is understood that the captured digital still image is notencoded, marked, or encrypted. As such, utility of the image has notbeen affected. However, the captured image may be encoded, marked, orencrypted as the user desires and the present invention may be employedto provide authentication.

[0044] It is also understood that authentication signature AS is notstored by image capture device 10. Rather, authentication signature ASis stored at remote location 9.

[0045] It is preferred that signature data is stored at remote location9 and not stored by image capture device 10. While signature data SD maybe stored at any location, storage at a location other than remotelocation 9 is not beneficial since authentication is available by meansof signature data SD and authentication signature AS stored at remotelocation 9.

[0046] Referring now to FIG. 4, communication channel 7 can comprisewell known communication means though preferably communication channel 7includes a cellular network 54 adapted to provide communication betweenimage capture device 10 and remote location 9 by means of a cellularmodem 52. More particularly, cellular network 54 provides acommunication network between image capture device 10 and cellular modem56 disposed at remote location 9 by means of channel 58, which can be awired channel.

[0047] In FIG. 4, remote location 9 is illustrated as a databaseprovider including a server 60 and signature database 62. Onceauthentication signature AS has been determined, image processor 32communicates authentication signature AS to cellular processor 50.Cellular processor 50 initiates a cellular phone call via cellular modem52. Authentication signature AS and image identification ID aretransmitted to cellular network 54 by means of cellular modem 52.Authentication signature AS and image identification ID are thentransferred to remote location 9 by means of channel 58. Server 60places image identification ID and authentication signature AS insignature database 62. Signature data SD is also stored in signaturedatabase 62. Server 60 may optionally initiate a message to imagecapture device 10 via channel 58 confirming the storage of the data.Image capture device 10 is then free to terminate the connection,continue image capture, or provide other functions/operations.

[0048] It is understood that a cellular connection is preferred topromote mobility and flexibility, but that other connections, wired orwireless, can be employed.

[0049] In an alternate embodiment, signature data SD resides in imagecapture device 10. Such an arrangement reduces the communication betweenremote location 9 and image capture device 10. However, such anarrangement also reduces the level of security since signature data SDis not specific to an image nor changed as a function of time.

[0050] In a further embodiment, the captured image can be transmitted toremote location 9 where signature data SD can be applied to produceauthentication signature AS. While this arrangement would eliminate thetransmitting of authentication signature AS from image capture device 10to remote location 9, it would require the transmitting of the image toremote location 9, and such transmission could be cumbersome and timeconsuming. Accordingly, while such an arrangement is not preferred,there is a benefit to this arrangement in that the image need not bestored at remote location 9.

[0051] If image capture device 10 is unable to communicate with remotelocation 9, image capture device 10 may continue to capture images, andthe corresponding authentication signatures and image identificationswould be stored for later transmittal to remote location 9. Similarly,captured images alone would be stored/captured if there is no connectionwith remote location 9 and/or signature data SD does not reside in imagecapture device 10. Image capture device 10 can be configured tocontinuously attempt communication with remote location 9 until asuccessful connection is made.

[0052] To promote security, image capture device 10 may be configuredsuch that authentication signature AS is not valid or not produced ifremovable memory card 12 is removed from image capture device 10 or ifany image data is uploaded to image capture device 10. Further, imagecapture device 10 may be configured such that authentication signatureAS will be not valid or produced if image capture device 10 loses power.As such, image capture device 10 may comprise a plurality of powersupplies to ensure continuous power. Still further, image capture device10 may include detectors to detect whether tampering of image capturedevice 10 has occurred. If tampered with, authentication signature ASwould not be produced and any captured images would be marked. Suchfeatures of image capture device 10 would promote security.

[0053] Time stamps, GPS (global positioning systems), directions, andother data may be incorporated into the image prior to the creation ofauthentication signature AS. Time stamps may provide usefulauthenticating functions. For example, an indication that the digitalstill image has not been modified prior to creating authenticationsignature AS can be provided if the elapsed time between capture andcreation and transmission of authentication signature AS is small. Inaddition, the time of transmission of signature data SD and the time ofcapture of the digital still image may be transmitted and stored withauthentication signature AS to provide another indication ofauthenticity.

[0054] Since the captured digital still image is not encoded, marked, orencrypted, the captured digital still image can be provided to memorycard interface 36 for storage on removable memory card 12 and viewing onhome computer 10.

[0055] With the captured digital still image processed in accordancewith the method described above, the processed digital still image maybe later authenticated. FIG. 5 illustrates a method in accordance withthe present invention for authenticating a digital still image processedin accordance with the method described above.

[0056] To determine the authenticity, an authentication request for thedigital still image is initiated from a request location to remotelocation 9. The request location is remote from remote location 9, andcan be image capture device 10, a computer, or other device adapted tocommunicate with remote location 9. The image to be authenticated isthen uploaded to remote location 9. Accordingly, the image to beauthenticated is transmitted to remote location 9 at step 200. Thetransmission can be accomplished by means of communication channel 7 orother communications means available, either wired or wireless. Theimage to be authenticated may be uploaded from the request location orfrom another source/location, for example, image capture device 10, apersonal computer, or other device.

[0057] Once uploaded, server 60 determines image identification IDassociated with the transmitted image. From image identification ID, thecorresponding signature data SD and authentication signature AS can beaccessed.

[0058] Server 60 applies signature data SD to the transmitted image toproduce a verification signature VS (step 205). Server 60 then comparesauthentication signature AS with verification signature VS (step 210)using means known to those skilled in the art. If the two signatures aresubstantially the same, the transmitted image is believed to be the sameimage as was originally captured by image capture device 10. As such,server 60 would initiate an authentication message indicative of theauthenticity (step 215). In contrast, is the two signatures aredetermined to not be substantially the same at step 210, server 60initiates an authentication message indicating that the transmittedimage is not authentic or that authenticity cannot be verified (step220). The authentication message(s) initiated by server 60 can be sentto image capture device 10, a personal computer, or the device fromwhich the image to be authenticated was transmitted.

[0059] It is understood that the method as disclosed in FIG. 5 can beaccomplished at a location other than (i.e., different from) remotelocation 9 (e.g., an authentication location). If the authenticationlocation is not the same as remote location 9, communication means areneeded to securely transmit signature data SD, authentication signatureAS and image identification ID from remote location 9 to theauthentication location. For example, the authentication location can beimage capture device 10. Either all, or a portion of, the method can beaccomplished at the authentication location. For example, if theapplication of signature data SD to the image is computationallyintensive, the application of signature data SD to the image may beaccomplished at the other location with the results (i.e., verificationsignature VS) being transmitted to remote location 9 for comparison withauthentication signature AS. As such, the security of authenticationsignature AS would be maintained since it would not be transmitted fromremote location 9.

[0060] Optionally, server 60 may provide and transmit an authenticationcode which will allow the user to verify the veracity of theauthentication message.

[0061] Referring to FIG. 6, image capture device 10 may be employed toauthenticate the image in accordance with the present invention. Thedigital still image is captured and processed in accordance with themethod disclosed in FIG. 3. To authenticate the image, an authenticationrequest is initiated from image capture device 10 to remote location 9(step 300). Image identification ID for the digital still image to beauthenticated is determined (step 305) and transmitted to remotelocation 9. Remote location 9 determines signature data SD andauthentication signature AS corresponding to image identification ID(step 310). Signature data SD is transmitted to image capture device 10(step 315) and applied to the digital still image at image capturedevice 10 to produce verification signature VS (step 320). Verificationsignature VS is transmitted to remote location 9 (step 325) where it iscompared with authentication signature AS to determine theauthentication of the digital still image (step 330).

[0062] Similarly, a personal computer or other device adapted to storethe digital still image (i.e., where the digital still image resides)can be employed. When the authentication request is initiated, imageidentification ID is determined and transmitted to remote location 9.Remote location 9 determines signature data SD and authenticationsignature AS corresponding to image identification ID. Signature data SDis transmitted to the personal computer and applied to the digital stillimage to produce verification signature VS. Verification signature VS istransmitted to remote location 9 where it is compared withauthentication signature AS to determine the authentication of thedigital still image.

[0063] Should a location other than remote location 9 be employed toauthenticate the image (such as image capture device 10 or computer), itmay be desired to ensure the authenticity of signature data SD and imageidentification ID. That is, when signature data SD and imageidentification ID are transmitted from remote location 9 to anauthentication location (such as image capture device 10 or a personalcomputer as described above), an additional step may be desired toverify the authenticity of signature data SD and image identification IDat the authentication location.

[0064] One method to verify the authenticity of signature SD and imageidentification ID at an authentication location is to generate a digitalsignature DS when processing the digital still image. Digital signatureDS would be stored at remote location 9 along with signature data SD,authentication signature AS, and image identification ID, andtransmitted to the authentication location when required.

[0065] That is, when the digital still image is processed, a digitalsignature DS is also generated. Digital signature DS can generated, forexample, by applying signature data SD to image identification ID. Thoseskilled in the art will recognize other means of generating digitalsignature DS, for example, by applying an algorithm to the concatenationof signature data SD and image identification ID. Once generated,digital signature DS is stored in remote location 9 along with signaturedata SD, authentication signature AS, and image identification ID. Then,when an authorization request is transmitted to remote location 9,digital signature DS is transmitted to the authentication location alongwith signature SD and image identification ID. The authenticationlocation can apply signature data SD to image identification ID anddetermine if the result is substantially equal to digital signature DSand therefore authentic. If digital signature DS is not generated usingsolely signature SD and image identification ID, then the additionalkey/algorithm/data would need to be stored at remote location 9 and alsotransmitted. Alternatively, digital signature DS may not be transmittedto the authentication location. The authentication location can applysignature data SD to image identification ID and send the result toremote location 9. At remote location 9, the result can be compared todigital signature DS to verify that the appropriate signature data SDwill be applied to the appropriate image.

[0066] An advantage of the present invention is that remote location 9need not store image information, but rather signature information.Accordingly, the size and complexity of remote location 9 is simplifiedsince only small amounts of data need be stored for each image. Theprovider of remote location 9 can reduce costs associated with thedatabase.

[0067] Another advantage of the present invention is that the digitalimage remains in the possession of the user, thus the user controls theimage. The image may be used for viewing and verification need only beestablished as needed.

[0068] The small amount of data sent to remote location 9 provides anadvantage in usage of the communications device/channel. Since only asmall amount of data is sent, channels such as cellular telephony can beused to transfer the data that will later be used for verification.

[0069] A computer program product may include one or more storagemedium, for example; magnetic storage media such as magnetic disk (suchas a floppy disk) or magnetic tape; optical storage media such asoptical disk, optical tape, or machine readable bar code; solid-stateelectronic storage devices such as random access memory (RAM), orread-only memory (ROM); or any other physical device or media employedto store a computer program having instructions for controlling one ormore computers to practice the method according to the presentinvention.

[0070] The invention has been described in detail with particularreference to a presently preferred embodiment, but it will be understoodthat variations and modifications can be effected within the spirit andscope of the invention. The presently disclosed embodiments aretherefore considered in all respects to be illustrative and notrestrictive. The scope of the invention is indicated by the appendedclaims, and all changes that come within the meaning and range ofequivalents thereof are intended to be embraced therein.

Parts List

[0071]5 authentication image processing system

[0072]7 communication channel

[0073]9 remote location

[0074]10 image capture device; digital camera

[0075]12 memory card

[0076]14 zoom lens

[0077]16 zoom and focus motor

[0078]18 image sensor

[0079]20 clock driver(s)

[0080]22 control processor and timing generator

[0081]24 autofocus and autoexposure detector(s)

[0082]26 flash

[0083]28 ASP and A/D converter

[0084]30 DRAM buffer memory

[0085]32 image processor

[0086]34 firmware memory

[0087]36 memory card interface

[0088]38 RAM memory

[0089]40 color LCD image display

[0090]42 user controls

[0091]44 personal computer

[0092]46 interface cable

[0093]48 host interface

[0094]50 cellular processor

[0095]52 cellular modem

[0096]54 cellular network

[0097]56 cellular modem

[0098]58 channel

[0099]60 server

[0100]62 signature database

What is claimed is:
 1. A method of processing for later authentication adigital still image captured using a digital image capture device,comprising the steps of: transmitting signature data from a remotelocation to the digital image capture device; associating an imageidentification with the captured digital still image; applying thesignature data to the captured digital still image to produce anauthentication signature representative of the captured digital stillimage; associating the authentication signature with the imageidentification; transmitting the authentication signature to the remotelocation; and storing the signature data, authentication signature, andimage identification at the remote location.
 2. The method of claim 1,further comprising the step of capturing the digital still image afterthe signature data is transmitted to the digital image capture devicefrom the remote location.
 3. The method of claim 1, wherein thesignature data from the remote location is transmitted to the digitalimage capture device prior to the capture of the digital still image. 4.The method of claim 1, wherein the signature data from the remotelocation is transmitted to the digital image capture device subsequentto the capture of the digital still image.
 5. The method of claim 1,wherein the remote location comprises a database for storing theauthentication signature.
 6. The method of claim 1, further comprisingthe step of transmitting a message indicative of receipt of theauthentication signature by the remote location.
 7. The method of claim1, further comprising the step of associating the signature data withthe image identification.
 8. A method of authenticating a digital stillimage captured using a digital image capture device and processed usingsignature data to produce an authentication signature wherein theauthentication signature is stored at a remote location for later use inverifying the authentication of the captured digital still image, themethod comprising the steps of: transmitting the digital still image tothe remote location; accessing the signature data; applying thesignature data to the transmitted digital still image to produce averification signature; accessing the authentication signature stored atthe remote location; and comparing the authentication signature with theverification signature to determine the authentication of thetransmitted digital still image.
 9. The method of claim 8, furthercomprising the step of producing an authentication message indicative ofthe authentication of the digital still image.
 10. The method of claim9, further comprising the step of transmitting an authentication code toverify the authentication of the authentication message.
 11. The methodof claim 8, further comprising the step of verifying the authenticity ofthe signature data.
 12. A method of authenticating a digital still imagehaving an image identification and captured using a digital imagecapture device and processed using signature data to produce anauthentication signature wherein the authentication signature, signaturedata, and image identification is stored at a remote location for lateruse in verifying the authentication of the captured digital still image,the method comprising the steps of: transmitting an authenticationrequest for the digital still image; determining the imageidentification for the digital still image to be authenticated;determining, from the remote location, the signature data andauthentication signature associated with the image identification;transmitting the signature data from the remote location to anauthentication location remote from the remote location; applying thesignature data to the digital still image to be authenticated at theauthentication location to produce a verification signature;transmitting the verification signature from the authentication locationto the remote location; and comparing the authentication signature andthe verification signature to determine the authentication of thedigital still image.
 13. The method of claim 12, further comprising thestep of producing an authentication message indicative of theauthentication of the digital still image.
 14. The method of claim 13,further comprising the step of transmitting an authentication code toverify the authentication of the authentication message.
 15. The methodof claim 12, wherein the authentication location is the digital imagecapture device or a personal computer.
 16. A method of authenticating adigital still image captured using a digital image capture device,comprising the steps of: transmitting signature data from a remotelocation to the digital image capture device; associating an imageidentification with the digital still image; applying the signature datato the captured digital still image to produce an authenticationsignature representative of the captured digital still image;associating the authentication signature with the image identification;transmitting the authentication signature to the remote location;storing the signature data, authentication signature, and imageidentification at the remote location; transmitting the digital stillimage to the remote location; accessing the signature data for thetransmitted digital still image; applying the signature data to thetransmitted digital still image to produce a verification signature; andcomparing the authentication signature with the verification signatureto determine the authentication of the transmitted digital still image.17. The method of claim 16, further comprising the step of producing anauthentication message indicative of the authentication of thetransmitted digital still image.
 18. The method of claim 16, wherein thesignature data from the remote location is transmitted to the digitalimage capture device prior to the capture of the digital still image.19. The method of claim 16, wherein the remote location comprises adatabase for storing the authentication signature.
 20. The method ofclaim 16, further comprising the step of transmitting a messageindicative of receipt of the authentication signature by the remotelocation.
 21. A method of authenticating a digital still image capturedusing a digital image capture device, comprising the steps of:transmitting signature data from a remote location to the digital imagecapture device; associating an image identification with the captureddigital still image; applying the signature data to the captured digitalstill image to produce an authentication signature representative of thecaptured digital still image; associating the authentication signaturewith the image identification; transmitting the authentication signatureto the remote location; storing the signature data, authenticationsignature, and image identification at the remote location; initiatingan authentication request from an authentication location remote fromthe remote location, the digital still image to be authenticated beingdisposed at the authentication location; transmitting the signature datato the authentication location; applying the signature data to thedigital still image to be authenticated at the authentication locationto produce a verification signature; transmitting the verificationsignature to the remote location; and comparing, at the remote location,the authentication signature with the verification signature todetermine the authentication of the transmitted digital still image. 22.The method of claim 21, further comprising the step of transmitting thedigital still image to be authenticated to the authentication location.23. The method of claim 21, further comprising the step of producing anauthentication message indicative of the authentication of thetransmitted digital still image.
 24. The method of claim 21, wherein thesignature data from the remote location is transmitted to the digitalimage capture device prior to the capture of the digital still image.25. The method of claim 21, wherein the authentication location is adigital image capture device or a computer.
 26. The method of claim 21,further comprising the step of transmitting a message indicative ofreceipt of the authentication signature by the remote location.
 27. Amethod of authenticating a digital still image captured using a digitalimage capture device, the method comprising the steps of: transmittingsignature data from a remote location to the digital image capturedevice; associating an image identification with the captured digitalstill image; applying the signature data to the captured digital stillimage to produce an authentication signature representative of thecaptured digital still image; associating the image identification withthe authentication signature; transmitting the authentication signatureto the remote location; storing the signature data, authenticationsignature, and image identification at the remote location; transmittingthe signature data from a remote location to the digital image capturedevice; applying the signature data to the digital still image at thedigital image capture device to produce a verification signature;transmitting the verification signature from the digital image capturedevice to the remote location; and comparing the authenticationsignature with the verification signature to determine theauthentication of the transmitted digital still image.
 28. The method ofclaim 27, further comprising the step of, prior to transmitting thesignature data from the remote location to the digital image capturedevice, transmitting an authentication request for the digital stillimage to the remote location from the digital image capture device. 29.The method of claim 27, further comprising the step of producing anauthentication message indicative of the authentication of thetransmitted digital still image.
 30. A system for processing for laterauthentication a digital still image, comprising: a digital imagecapture device for capturing the digital still image; a remote locationremote from the digital image capture device comprising a database forstoring signature data, an authentication signature, and an imageidentification, the image identification being associated with thedigital still image captured by the digital image capture device, andthe authentication signature being associated with the imageidentification; communication means for transmitting the signature datafrom the remote location to the digital image capture device, andtransmitting the authentication signature from the digital still imageto the remote location; and an image processor disposed in the digitalimage capture device for applying the signature data to the captureddigital still image to produce the authentication signature, theauthentication signature being representative of the captured digitalstill image.
 31. The system of claim 30, wherein the signature datacomprises a hashing algorithm.
 32. The system of claim 30, furthercomprising a messaging system for producing an authentication messageindicative of the authentication of the transmitted digital still image.33. A system for authenticating a digital still image captured using adigital image capture device and processed using signature data providedto the digital image capture device to produce an authenticationsignature representative of the digital still image, the systemcomprising: a remote location remote from the digital image capturedevice comprising a database for storing the signature data andauthentication signature; communication means for transmitting thedigital still image to the remote location for authentication; and aprocessor located at the remote location for applying the signature datato the transmitted digital still image to produce a verificationsignature and comparing the authentication signature with theverification signature to determine the authentication of the digitalstill image.
 34. The system of claim 33, wherein the remote locationfurther comprises a messaging system for producing an authenticationmessage indicative of the authentication of the transmitted digitalstill image.
 35. A system for authenticating a digital still imagecaptured using a digital image capture device and processed usingsignature data provided to the digital image capture device to producean authentication signature representative of the digital still image,the signature data and authentication signature being stored at theremote location, the system comprising: an authentication locationremote from the digital image capture device and remote location forauthenticating the digital still image; communication means for (a)transmitting the digital still image to the authentication location forauthentication, (b) accessing and transmitting the signature data forthe transmitted digital still image from the remote location to theauthentication location, and (c) transmitting a verification signaturefrom the authentication location to the remote location; a processorlocated at the authentication location for applying the signature datato the transmitted digital still image to produce the verificationsignature; and a comparator located at the remote location for comparingthe authentication signature with the verification signature todetermine the authentication of the digital still image.
 36. The systemof claim 35, farther comprising a messaging system for producing anauthentication message indicative of the authentication of thetransmitted digital still image.
 37. A digital still image processedaccording to the method of claim
 1. 38. A computer storage producthaving at least one computer storage medium having instructions storedtherein causing one or more computers to perform the method of claim 1.39. A computer storage product having at least one computer storagemedium having instructions stored therein causing one or more computersto perform the method of claim
 8. 40. A method of processing for laterauthentication a digital still image captured using a digital imagecapture device, comprising the steps of: transmitting signature datafrom a remote location to the digital image capture device; associatingan image identification with the captured digital still image;segmenting the captured digital still image into a plurality ofsegments; applying the signature data to each of the plurality ofsegments to produce a plurality of segment authentication signatures;transmitting the plurality of segment authentication signatures to theremote location; and storing the signature data, plurality of segmentauthentication signatures, and image identification at the remotelocation.
 41. A method of processing for later authentication a digitalstill image captured using a digital image capture device, comprisingthe steps of: transmitting signature data from a remote location to thedigital image capture device; associating an image identification withthe captured digital still image; segmenting the captured digital stillimage into a plurality of segments; applying the signature data to atleast one of the plurality of segments to produce an authenticationsignature; transmitting the authentication signature to the remotelocation; and storing the signature data, authentication signature, andimage identification at the remote location.
 42. A method of processingfor later authentication a digital still image captured using a digitalimage capture device, comprising the steps of: at a first time,transmitting signature data from a remote location to the digital imagecapture device; associating an image identification with the captureddigital still image; applying the signature data to the captured digitalstill image to produce an authentication signature representative of thecaptured digital still image; associating the authentication signaturewith the image identification; at a second time different than the firsttime, transmitting the authentication signature to the remote location;and storing the first time, second time, signature data, authenticationsignature, and image identification at the remote location.
 43. Themethod of claim 42, wherein the first time and second time aredetermined by the digital image capture device.